diff --git a/src/auto-reply/reply/commands-config.ts b/src/auto-reply/reply/commands-config.ts
index b40032758d3..9ca5f8ef034 100644
--- a/src/auto-reply/reply/commands-config.ts
+++ b/src/auto-reply/reply/commands-config.ts
@@ -24,6 +24,7 @@ import {
   requireCommandFlagEnabled,
   requireGatewayClientScopeForInternalChannel,
 } from "./command-gates.js";
+import { resolveChannelAccountId } from "./channel-context.js";
 import type { CommandHandler } from "./commands-types.js";
 import { parseConfigCommand } from "./config-commands.js";
 import { resolveConfigWriteDeniedText } from "./config-write-authorization.js";
@@ -84,7 +85,11 @@ export const handleConfigCommand: CommandHandler = async (params, allowTextComma
       cfg: params.cfg,
       channel: params.command.channel,
       channelId,
-      accountId: params.ctx.AccountId,
+      accountId: resolveChannelAccountId({
+        cfg: params.cfg,
+        ctx: params.ctx,
+        command: params.command,
+      }),
       gatewayClientScopes: params.ctx.GatewayClientScopes,
       target: resolveConfigWriteTargetFromPath(parsedWritePath),
     });
diff --git a/src/auto-reply/reply/commands.test.ts b/src/auto-reply/reply/commands.test.ts
index cd58a62e305..c594a9d85c4 100644
--- a/src/auto-reply/reply/commands.test.ts
+++ b/src/auto-reply/reply/commands.test.ts
@@ -1775,6 +1775,52 @@ describe("handleCommands /config configWrites gating", () => {
     }
   });
 
+  it("honors the configured default account when gating omitted-account /config writes", async () => {
+    setActivePluginRegistry(
+      createTestRegistry([
+        {
+          pluginId: "telegram",
+          source: "test",
+          plugin: {
+            ...telegramCommandTestPlugin,
+            config: {
+              ...telegramCommandTestPlugin.config,
+              defaultAccountId: (cfg) =>
+                ((cfg.channels?.telegram as { defaultAccount?: string } | undefined)?.defaultAccount ??
+                  DEFAULT_ACCOUNT_ID),
+            },
+          },
+        },
+      ]),
+    );
+
+    const previousWriteCount = writeConfigFileMock.mock.calls.length;
+    const cfg = {
+      commands: { config: true, text: true },
+      channels: {
+        telegram: {
+          defaultAccount: "work",
+          configWrites: true,
+          accounts: {
+            work: { configWrites: false, enabled: true },
+          },
+        },
+      },
+    } as OpenClawConfig;
+    const params = buildPolicyParams('/config set messages.ackReaction=":)"', cfg, {
+      Provider: "telegram",
+      Surface: "telegram",
+      AccountId: undefined,
+    });
+    params.command.senderIsOwner = true;
+
+    const result = await handleCommands(params);
+
+    expect(result.shouldContinue).toBe(false);
+    expect(result.reply?.text).toContain("channels.telegram.accounts.work.configWrites=true");
+    expect(writeConfigFileMock.mock.calls.length).toBe(previousWriteCount);
+  });
+
   it("enforces gateway client permissions for /config commands", async () => {
     const baseCfg = {
       commands: { config: true, text: true },